CVE-2008-0068

HP OpenView Network Node Manager 7.01, 7.51, 7.53 - Path Traversal via Action Parameter

Title source: llm

Exploitation Summary

EIP tracks 1 public exploit for CVE-2008-0068. PoCs published by Luigi Auriemma.

AI-analyzed exploit summary The provided text describes a directory traversal vulnerability in HP OpenView Network Node Manager, specifically affecting 'ovalarmsrv.exe' and 'ovtopmd.exe' processes. It includes a sample URL demonstrating the exploit but lacks executable code.

Description

Directory traversal vulnerability in OpenView5.exe in HP OpenView Network Node Manager (OV NNM) 7.01, 7.51, and 7.53 allows remote attackers to read arbitrary files via directory traversal sequences in the Action parameter.

Exploits (1)

exploitdb WRITEUP VERIFIED

by Luigi Auriemma · textremotewindows

https://www.exploit-db.com/exploits/31638

View Code ZIP pw:eip

The provided text describes a directory traversal vulnerability in HP OpenView Network Node Manager, specifically affecting 'ovalarmsrv.exe' and 'ovtopmd.exe' processes. It includes a sample URL demonstrating the exploit but lacks executable code.

Classification

Writeup 90%

Attack Type

Info Leak

Complexity

Trivial

Reliability

Theoretical

Target: HP OpenView Network Node Manager 7.53

No auth needed

Prerequisites: Network access to the vulnerable service

MITRE ATT&CK